Vulnerability so simple, anyone could use it. Security researchers have discovered a flaw in open source CMS WordPress that would allow a hacker to take down a website through a DoS attack with a single machine.

Hackers have deployed brute force attacks on WordPress websites in order to turn them into cryptocurrency miners. Single botnet thought to be behind massive attack that yielded almost £750,000 for criminals.

Attackers exploited an old WordPress vulnerability to infect more than one thousand websites with malware capable of injecting malvertising and even creating a rogue admin user with full access privileges, according to researchers.

Paul Bischoff, security and privacy advocate for Comparitech.com is warning website owners who use the Simple Share Buttons plugin for WordPress that clicking to "accept" the terms and conditions of the latest update could allow their websites to subject users to threats.

Researchers are warning WordPress website administrators of a malware attack, whereby adversaries inject code into the header.php file of a site's current WordPress theme, in order to redirect visitors to malicious domains.

WordPress has turned on HTTPS encryption for every custom domain hosted on WordPress.com. The publishing platform started working with the certificate authority Let's Encrypt to launch a beta rollout of HTTPS earlier this year.

In this week's In Case You Missed It, we recap the most popular stories of the week including NHS digital transformation cash, serious flaw found in Avast secure browser, fake survey is hooking Amazon users, more WordPress malware and businesses suffering theft of intellectual property.

SC Media UK arms cyber-security professionals with the in-depth, unbiased business and technical information they need to tackle the countless security challenges they face and establish risk management and compliance postures that underpin overall business strategies.